2022-06-29 | Intezer | Joakim Kennedy
@online{kennedy:20220629:ytstealer:0c2bc5c,
  author       = {Kennedy, Joakim},
  title        = {{YTStealer Malware: “YouTube Cookies! Om Nom Nom Nom”}},
  date         = {2022-06-29},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/ytstealer-malware-youtube-cookies/},
  language     = {English},
  urldate      = {2022-06-30},
}
YTStealer Malware: “YouTube Cookies! Om Nom Nom Nom”
YTStealer
2022-06-09 | Blackberry | Joakim Kennedy, The BlackBerry Research & Intelligence Team
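% The team byline is a corporate author: the inner braces keep it as one
% indivisible name instead of being split into given/family parts, and the
% ampersand is escaped so the bibliography still compiles under LaTeX.
@online{kennedy:20220609:symbiote:fcc031b,
  author       = {Kennedy, Joakim and {The BlackBerry Research \& Intelligence Team}},
  title        = {{Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat}},
  date         = {2022-06-09},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat},
  language     = {English},
  urldate      = {2022-06-09},
}
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat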
Symbiote
2022-04-04 | Intezer | Joakim Kennedy, Nicole Fishbein
@online{kennedy:20220404:elephant:b2c14b1,
  author       = {Kennedy, Joakim and Fishbein, Nicole},
  title        = {{Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations}},
  date         = {2022-04-04},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/elephant-malware-targeting-ukrainian-orgs/},
  language     = {English},
  urldate      = {2022-04-07},
}
Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations
GraphSteel GrimPlant SaintBear
2022-03-28 | Intezer | Joakim Kennedy, Ryan Robinson
@online{kennedy:20220328:new:cede4da,
  author       = {Kennedy, Joakim and Robinson, Ryan},
  title        = {{New Conversation Hijacking Campaign Delivering IcedID}},
  date         = {2022-03-28},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/conversation-hijacking-campaign-delivering-icedid/},
  language     = {English},
  urldate      = {2022-04-05},
}
New Conversation Hijacking Campaign Delivering IcedID
IcedID PhotoLoader
2021-11-16 | Intezer | Joakim Kennedy, Alik Koldobsky
@online{kennedy:20211116:new:f76a9f4,
  author       = {Kennedy, Joakim and Koldobsky, Alik},
  title        = {{New Type of Supply Chain Attack Could Put Popular Admin Tools at Risk}},
  date         = {2021-11-16},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/chainjacking-supply-chain-attack-puts-popular-admin-tools-at-risk/},
  language     = {English},
  urldate      = {2021-11-18},
}
New Type of Supply Chain Attack Could Put Popular Admin Tools at Risk
2021-09-13 | Intezer | Avigayil Mechtinger, Ryan Robinson, Joakim Kennedy
@online{mechtinger:20210913:vermilion:ff1ee5f,
  author       = {Mechtinger, Avigayil and Robinson, Ryan and Kennedy, Joakim},
  title        = {{Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike}},
  date         = {2021-09-13},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/vermilionstrike-reimplementation-cobaltstrike/},
  language     = {English},
  urldate      = {2021-09-14},
}
Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Vermilion Strike Vermilion Strike
2021-04-20 | Intezer | Joakim Kennedy
% Same article and URL as entry kennedy:20210420:habitsrat:0cfa312; the two
% records differ only in key and urldate (2021-04-20 here, 2021-04-28 there).
% Cite one key consistently so the report is not listed twice.
@online{kennedy:20210420:habitsrat:66ff4cf,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT Used to Target Linux and Windows Servers}},
  date         = {2021-04-20},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/},
  language     = {English},
  urldate      = {2021-04-20},
}
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-20 | Intezer | Joakim Kennedy
% Same article and URL as entry kennedy:20210420:habitsrat:66ff4cf; the two
% records differ only in key and urldate (2021-04-28 here, 2021-04-20 there).
% Cite one key consistently so the report is not listed twice.
@online{kennedy:20210420:habitsrat:0cfa312,
  author       = {Kennedy, Joakim},
  title        = {{HabitsRAT Used to Target Linux and Windows Servers}},
  date         = {2021-04-20},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/},
  language     = {English},
  urldate      = {2021-04-28},
}
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-03-10 | Intezer | Avigayil Mechtinger, Joakim Kennedy
@online{mechtinger:20210310:new:1e588f7,
  author       = {Mechtinger, Avigayil and Kennedy, Joakim},
  title        = {{New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor}},
  date         = {2021-03-10},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/},
  language     = {English},
  urldate      = {2021-03-11},
}
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-02 | Intezer | Joakim Kennedy
@online{kennedy:20210302:when:b33af31,
  author       = {Kennedy, Joakim},
  title        = {{When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?}},
  date         = {2021-03-02},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/malware-analysis/when-viruses-mutate-did-suncrypt-ransomware-evolve-from-qnapcrypt},
  language     = {English},
  urldate      = {2021-03-04},
}
When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?
QNAPCrypt SunCrypt
2020-12-09 | Intezer | Joakim Kennedy
@online{kennedy:20201209:zebra:1c73168,
  author       = {Kennedy, Joakim},
  title        = {{A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy}},
  date         = {2020-12-09},
  organization = {Intezer},
  url          = {https://www.intezer.com/blog/research/russian-apt-uses-covid-19-lures-to-deliver-zebrocy/},
  language     = {English},
  urldate      = {2020-12-10},
}
A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy
Zebrocy
2020-08-10 | Anomali | Joakim Kennedy, Rory Gould
@online{kennedy:20200810:anomali:241a19b,
  author       = {Kennedy, Joakim and Gould, Rory},
  title        = {{Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service}},
  date         = {2020-08-10},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/anomali-threat-research-releases-first-public-analysis-of-smaug-ransomware-as-a-service},
  language     = {English},
  urldate      = {2020-09-15},
}
Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service
SMAUG
2020-04-30 | Anomali | Sara Moore, Joakim Kennedy, Parthiban R, Rory Gould
@online{moore:20200430:anomali:a12ce9e,
  author       = {Moore, Sara and Kennedy, Joakim and Parthiban R and Gould, Rory},
  title        = {{Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center}},
  date         = {2020-04-30},
  organization = {Anomali},
  url          = {https://www.anomali.com/blog/anomali-suspects-that-china-backed-apt-pirate-panda-may-be-seeking-access-to-vietnam-government-data-center},
  language     = {English},
  urldate      = {2020-05-04},
}
Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center
2019-10-06 | Playhouse | Joakim Kennedy
@online{kennedy:20191006:go:82e5c38,
  author       = {Kennedy, Joakim},
  title        = {{Go under the hood: Eris Ransomware}},
  date         = {2019-10-06},
  organization = {Playhouse},
  url          = {https://lekstu.ga/posts/go-under-the-hood-eris/},
  language     = {English},
  urldate      = {2020-01-10},
}
Go under the hood: Eris Ransomware
Eris